Since 2004, a source for ranting, reviews and InfoSec news

Menu

Backscatter

One of our users is a victim of backscatter and has been reporting them to the abuse mailbox at work.
Backscatter is the unsolicited mail that occurs when a spammer sends out email as you and poorly configured email server return all manner of notices to you. Its funny to watch the Barracuda spam firewall spamming the employee with the message Undeliverable: **Message you sent blocked by our bulk email filter** and an RFC rejection. Along with that is the usual ‘out of office’ and non-deliverable reports.
I figured there really isn’t much we can do. I decided that maybe its time to adjust the SPF record and change it from a ~all to a -all setting. Surprise, Surprise, I found that there was not a SPF record for the domain in question. I’m not sure if I dropped the ball on that or if our external DNS provider did something crazy again. At any rate, that is getting fixed but given how few people use the SPF record, I dont think it will be a lot of help.